{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T14:44:27Z","timestamp":1740149067011,"version":"3.37.3"},"reference-count":50,"publisher":"Wiley","license":[{"start":{"date-parts":[[2021,6,16]],"date-time":"2021-06-16T00:00:00Z","timestamp":1623801600000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100002858","name":"China Postdoctoral Science Foundation","doi-asserted-by":"publisher","award":["2016M600465","2019C03134","61772165","2019YFB2102100"],"award-info":[{"award-number":["2016M600465","2019C03134","61772165","2019YFB2102100"]}],"id":[{"id":"10.13039\/501100002858","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Key Research and Development Program of Zhejiang Province","award":["2016M600465","2019C03134","61772165","2019YFB2102100"],"award-info":[{"award-number":["2016M600465","2019C03134","61772165","2019YFB2102100"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2016M600465","2019C03134","61772165","2019YFB2102100"],"award-info":[{"award-number":["2016M600465","2019C03134","61772165","2019YFB2102100"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Key Research and Development Program of China","award":["2016M600465","2019C03134","61772165","2019YFB2102100"],"award-info":[{"award-number":["2016M600465","2019C03134","61772165","2019YFB2102100"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2021,6,16]]},"abstract":"<jats:p>The prosperity of mobile networks and social networks brings revolutionary conveniences to our daily lives. However, due to the complexity and fragility of the network environment, network attacks are becoming more and more serious. Characterization of network traffic is commonly used to model and detect network anomalies and finally to raise the cybersecurity awareness capability of network administrators. As a tool to characterize system running status, entropy-based time-series complexity measurement methods such as Multiscale Entropy (MSE), Composite Multiscale Entropy (CMSE), and Fuzzy Approximate Entropy (FuzzyEn) have been widely used in anomaly detection. However, the existing methods calculate the distance between vectors solely using the two most different elements of the two vectors. Furthermore, the similarity of vectors is calculated using the Heaviside function, which has a problem of bouncing between 0 and 1. The Euclidean Distance-Based Multiscale Fuzzy Entropy (EDM-Fuzzy) algorithm was proposed to avoid the two disadvantages and to measure entropy values of system signals more precisely, accurately, and stably. In this paper, the EDM-Fuzzy is applied to analyze the characteristics of abnormal network traffic such as botnet network traffic and Distributed Denial of Service (DDoS) attack traffic. The experimental analysis shows that the EDM-Fuzzy entropy technology is able to characterize the differences between normal traffic and abnormal traffic. The EDM-Fuzzy entropy characteristics of ARP traffic discovered in this paper can be used to detect various types of network traffic anomalies including botnet and DDoS attacks.<\/jats:p>","DOI":"10.1155\/2021\/5560185","type":"journal-article","created":{"date-parts":[[2021,6,16]],"date-time":"2021-06-16T21:50:09Z","timestamp":1623880209000},"page":"1-9","source":"Crossref","is-referenced-by-count":3,"title":["Characterizing Network Anomaly Traffic with Euclidean Distance-Based Multiscale Fuzzy Entropy"],"prefix":"10.1155","volume":"2021","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0701-7318","authenticated-orcid":true,"given":"Renjie","family":"Zhou","sequence":"first","affiliation":[{"name":"College of Computer Science and Technology, Zhejiang University, Hangzhou 310058, China"},{"name":"College of Computer Science and Technology, Hangzhou Dianzi University, Hangzhou 310018, China"},{"name":"Key Laboratory of Complex Systems Modeling and Simulation of the Ministry of Education, Hangzhou Dianzi University, Hangzhou 310018, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5316-3271","authenticated-orcid":true,"given":"Xiao","family":"Wang","sequence":"additional","affiliation":[{"name":"College of Computer Science and Technology, Hangzhou Dianzi University, Hangzhou 310018, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1145-0237","authenticated-orcid":true,"given":"Jingjing","family":"Yang","sequence":"additional","affiliation":[{"name":"Zhuoyue Honors College, Hangzhou Dianzi University, Hangzhou 310018, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4957-8877","authenticated-orcid":true,"given":"Wei","family":"Zhang","sequence":"additional","affiliation":[{"name":"College of Computer Science and Technology, Hangzhou Dianzi University, Hangzhou 310018, China"},{"name":"Key Laboratory of Complex Systems Modeling and Simulation of the Ministry of Education, Hangzhou Dianzi University, Hangzhou 310018, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8604-874X","authenticated-orcid":true,"given":"Sanyuan","family":"Zhang","sequence":"additional","affiliation":[{"name":"College of Computer Science and Technology, Zhejiang University, Hangzhou 310058, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","reference":[{"key":"1","doi-asserted-by":"publisher","DOI":"10.1155\/2020\/8858444"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1145\/3319532"},{"article-title":"Hybrid model for improving the classification effectiveness of network intrusion detection","author":"V. Dutta","key":"3","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-030-57805-3_38"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1007\/s00779-017-1096-z"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1109\/tnsm.2016.2627340"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2017.11.023"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1016\/j.dcan.2020.06.001"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.26599\/TST.2019.9010051"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/access.2020.3004699"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2017.03.018"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-84882-765-3_11"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.11.008"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1109\/ICCT50939.2020.9295801"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1109\/access.2021.3051074"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102177"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1002\/ett.4121"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2875045"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1109\/ITECHA.2017.8101921"},{"key":"19","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2019.02.046"},{"article-title":"Features extraction on IoT intrusion detection system using principal components analysis (PCA)","author":"Sharipuddin","key":"20","doi-asserted-by":"crossref","DOI":"10.23919\/EECSI50503.2020.9251292"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2019.107049"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.3390\/e17042367"},{"first-page":"2541","article-title":"DoWitcher: effective worm detection and containment in the internet core","author":"S. Ranjan","key":"23"},{"first-page":"32","article-title":"Detecting anomalies in network traffic using maximum entropy estimation","author":"Y. Gu","key":"24"},{"first-page":"596","article-title":"Anomaly detection using source port data with shannon entropy and EWMA control chart","author":"S. Ransewa","key":"25"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNC.2019.8685632"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.3390\/e22080845"},{"key":"28","doi-asserted-by":"publisher","DOI":"10.1016\/j.physa.2018.04.101"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1080\/00207166808803030"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1002\/j.1538-7305.1948.tb01338.x"},{"key":"31","doi-asserted-by":"publisher","DOI":"10.1073\/pnas.88.6.2297"},{"key":"32","doi-asserted-by":"publisher","DOI":"10.1152\/ajpheart.2000.278.6.h2039"},{"key":"33","doi-asserted-by":"publisher","DOI":"10.1016\/j.medengphy.2008.04.005"},{"key":"34","doi-asserted-by":"publisher","DOI":"10.1103\/physreve.71.021906"},{"key":"35","doi-asserted-by":"publisher","DOI":"10.3390\/e15031069"},{"key":"36","doi-asserted-by":"publisher","DOI":"10.3390\/e20050325"},{"key":"37","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2018.2881218"},{"key":"38","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2020.3009139"},{"key":"39","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-642-20757-0_4","article-title":"UNADA: unsupervised network anomaly detection using sub-space outliers ranking","volume-title":"Networking 2011","author":"P. Casas","year":"2011"},{"key":"40","doi-asserted-by":"publisher","DOI":"10.1109\/tii.2015.2486379"},{"key":"41","doi-asserted-by":"publisher","DOI":"10.1109\/tii.2016.2635082"},{"key":"42","doi-asserted-by":"publisher","DOI":"10.1103\/physrevlett.89.068102"},{"key":"43","doi-asserted-by":"publisher","DOI":"10.1016\/j.fbp.2017.08.010"},{"key":"44","doi-asserted-by":"publisher","DOI":"10.3390\/e17052590"},{"key":"45","doi-asserted-by":"publisher","DOI":"10.1016\/j.physa.2018.04.086"},{"key":"46","doi-asserted-by":"publisher","DOI":"10.1016\/j.jsv.2018.04.036"},{"key":"47","doi-asserted-by":"publisher","DOI":"10.1016\/j.ymssp.2016.09.010"},{"key":"48","article-title":"The CTU-13 Dataset. a labeled dataset with botnet, normal and background traffic on stratosphere research laboratory"},{"key":"49","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.05.011"},{"volume-title":"DDoS Evaluation Dataset (CIC-DDoS2019)","year":"2019","author":"Canadian Institute for Cybersecurity","key":"50"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/5560185.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/5560185.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/5560185.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,31]],"date-time":"2022-12-31T12:00:13Z","timestamp":1672488013000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2021\/5560185\/"}},"subtitle":[],"editor":[{"given":"Zhe-Li","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2021,6,16]]},"references-count":50,"alternative-id":["5560185","5560185"],"URL":"https:\/\/doi.org\/10.1155\/2021\/5560185","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"type":"electronic","value":"1939-0122"},{"type":"print","value":"1939-0114"}],"subject":[],"published":{"date-parts":[[2021,6,16]]}}}